A router is the best place for such eavesdropping: every company/institution has some.
Unless they are isolated from the Internet, they will be accessibility from outside.
It only requires a triggerable bootloader for a Trojan.
Who has Internet access has access to Web-Search engines.
In traffic from to Web Search-engines Trojan code, command code and intelligence reporting can nicley be hidden!*